Kernel/iwd
3
0
Fork 0
mirror of https://git.kernel.org/pub/scm/network/wireless/iwd.git synced 2024-12-22 13:02:44 +01:00
Code Releases Activity

crypto: renamed hkdf_256

Browse Source 
The RFC (5869) for this implementation defines two functions,
HKDF-Extract and HKDF-Expand. The existing 'hkdf_256' was implementing
the Extract function, so it was renamed appropriately. The name was
changed for consistency when the Expand function will be added in the
future.
This commit is contained in:
James Prestwood 2018-11-16 14:22:50 -08:00 committed by Denis Kenzior
parent dddbf22ab7
commit 0b42ca7c30
4 changed files with 16 additions and 15 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/crypto.c
View File

@ -411,7 +411,7 @@ bool kdf_sha256(const void *key, size_t key_len,
*
* Null key equates to a zero key (makes calls in EAP-PWD more convenient)
*/
bool hkdf_256(const uint8_t *key, size_t key_len, uint8_t num_args,
bool hkdf_extract_sha256(const uint8_t *key, size_t key_len, uint8_t num_args,
uint8_t *out, ...)
{
struct l_checksum *hmac;

4
src/crypto.h
View File

@ -92,8 +92,8 @@ bool kdf_sha256(const void *key, size_t key_len,
bool prf_sha1(const void *key, size_t key_len,
const void *prefix, size_t prefix_len,
const void *data, size_t data_len, void *output, size_t size);
bool hkdf_256(const uint8_t *key, size_t key_len, uint8_t num_args,
uint8_t *out, ...);
bool hkdf_extract_sha256(const uint8_t *key, size_t key_len, uint8_t num_args,
uint8_t *out, ...);
bool crypto_derive_pairwise_ptk(const uint8_t *pmk,
const uint8_t *addr1, const uint8_t *addr2,

22
src/eap-pwd.c
View File

@ -282,9 +282,9 @@ static void eap_pwd_handle_id(struct eap_state *eap,
while (counter < 20) {
/* pwd-seed = H(token|peer-ID|server-ID|password|counter) */
hkdf_256(NULL, 0, 5, pwd_seed, &token, 4, pwd->identity,
strlen(pwd->identity), pkt + 9, len - 9,
pwd->password, strlen(pwd->password),
hkdf_extract_sha256(NULL, 0, 5, pwd_seed, &token, 4,
pwd->identity, strlen(pwd->identity), pkt + 9,
len - 9, pwd->password, strlen(pwd->password),
&counter, 1);
/*
@ -492,13 +492,13 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
* compute Confirm_P = H(kp | Element_P | Scalar_P |
* Element_S | Scalar_S | Ciphersuite)
*/
hkdf_256(NULL, 0, 8, confirm_p, kp.x, ECC_BYTES, pwd->element_p.x,
ECC_BYTES, pwd->element_p.y, ECC_BYTES, pwd->scalar_p,
ECC_BYTES, pwd->element_s.x, ECC_BYTES,
pwd->element_s.y, ECC_BYTES, pwd->scalar_s,
hkdf_extract_sha256(NULL, 0, 8, confirm_p, kp.x, ECC_BYTES,
pwd->element_p.x, ECC_BYTES, pwd->element_p.y,
ECC_BYTES, pwd->scalar_p, ECC_BYTES, pwd->element_s.x,
ECC_BYTES, pwd->element_s.y, ECC_BYTES, pwd->scalar_s,
ECC_BYTES, &pwd->ciphersuite, 4);
hkdf_256(NULL, 0, 8, expected_confirm_s, kp.x, ECC_BYTES,
hkdf_extract_sha256(NULL, 0, 8, expected_confirm_s, kp.x, ECC_BYTES,
pwd->element_s.x, ECC_BYTES, pwd->element_s.y,
ECC_BYTES, pwd->scalar_s, ECC_BYTES, pwd->element_p.x,
ECC_BYTES, pwd->element_p.y, ECC_BYTES,
@ -515,15 +515,15 @@ static void eap_pwd_handle_confirm(struct eap_state *eap,
pos += 32;
/* derive MK = H(kp | Confirm_P | Confirm_S ) */
hkdf_256(NULL, 0, 3, mk, kp.x, ECC_BYTES, confirm_p, ECC_BYTES,
confirm_s, ECC_BYTES);
hkdf_extract_sha256(NULL, 0, 3, mk, kp.x, ECC_BYTES, confirm_p,
ECC_BYTES, confirm_s, ECC_BYTES);
eap_pwd_send_response(eap, resp, pos - resp);
eap_method_success(eap);
session_id[0] = 52;
hkdf_256(NULL, 0, 3, session_id + 1, &pwd->ciphersuite, 4,
hkdf_extract_sha256(NULL, 0, 3, session_id + 1, &pwd->ciphersuite, 4,
pwd->scalar_p, ECC_BYTES, pwd->scalar_s, ECC_BYTES);
kdf(mk, 32, (const char *) session_id, 33, msk_emsk, 128);
eap_set_key_material(eap, msk_emsk, 64, msk_emsk + 64, 64, NULL, 0);

3
src/sae.c
View File

@ -137,7 +137,8 @@ static bool sae_pwd_seed(const uint8_t *addr1, const uint8_t *addr2,
memcpy(key + 6, addr1, 6);
}
return hkdf_256(key, 12, 2, out, base, base_len, &counter, 1);
return hkdf_extract_sha256(key, 12, 2, out, base, base_len,
&counter, 1);
}
static bool sae_pwd_value(uint8_t *pwd_seed, uint64_t *pwd_value)